﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebApplication4
{
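    /// <summary>
    /// Code-behind for the login page. Checks the submitted user name and
    /// password against the StudentInfo table and, on a match, records the
    /// user name in session state and redirects to WebForm2.aspx.
    /// </summary>
    public partial class WebForm1 : System.Web.UI.Page
    {
        /// <summary>
        /// Page load handler; intentionally does nothing.
        /// </summary>
        /// <param name="sender">The page raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Login button handler. Looks up a StudentInfo row matching the
        /// entered name and password using a parameterized query.
        /// </summary>
        /// <param name="sender">The button raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="SqlException">
        /// Propagated unchanged when the connection or query fails, so the
        /// original exception type and stack trace remain available to the
        /// application's error handling and logging.
        /// </exception>
        protected void Button1_Click(object sender, EventArgs e)
        {
            string name = TextBox1.Text;
            string pwd = TextBox2.Text;

            // NOTE(review): the connection string embeds the 'sa' login and its
            // password in source. Move it to protected configuration and connect
            // with a dedicated least-privilege login that can only read the
            // table this page needs.
            string url = "server=.;uid=sa;pwd=123456;database=Student";

            // User input is bound through parameters, never concatenated into
            // the SQL text.
            // NOTE(review): the submitted password is compared directly with the
            // pwd column, which implies the column holds passwords in a directly
            // comparable form. Prefer storing a salted, slow hash (e.g. PBKDF2)
            // and verifying it in application code.
            string sql = "select * from StudentInfo where name=@name and pwd=@pwd";
            SqlParameter[] pars =
            {
                new SqlParameter("@name", name),
                new SqlParameter("@pwd", pwd)
            };

            bool authenticated;

            // using blocks dispose the connection, command and reader on every
            // path, including when Open or ExecuteReader throws. There is no
            // catch: the original exception propagates as-is instead of being
            // re-wrapped in a bare Exception that drops its type and stack trace.
            using (SqlConnection con = new SqlConnection(url))
            using (SqlCommand com = new SqlCommand(sql, con))
            {
                com.Parameters.AddRange(pars);
                con.Open();

                using (SqlDataReader sda = com.ExecuteReader())
                {
                    // A single returned row is enough to treat the credentials as valid.
                    authenticated = sda.Read();
                }
            }

            if (authenticated)
            {
                // NOTE(review): the session identifier is not renewed here; if
                // that is not done elsewhere, issue a fresh session id at login
                // to limit session fixation.
                Session["name"] = name;
                Label1.Text = "登录成功!";

                // Redirect is issued after the data-access block so that the
                // ThreadAbortException it raises to end the response does not
                // pass through the database code's cleanup or any handler there.
                Response.Redirect("WebForm2.aspx");
            }
            else
            {
                // The same message is shown for an unknown user and for a wrong
                // password, so the response does not reveal which names exist.
                Label1.Text = "用户名或密码错误!";
            }
        }

        /// <summary>
        /// Second button handler; sends the browser to WebForm3.aspx.
        /// </summary>
        /// <param name="sender">The button raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            Response.Redirect("WebForm3.aspx");
        }
    }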
}